Intrusion PreventionCross.Site.Scripting
Description
This indicates a potential cross-site scripting attack.
Cross-site scripting (XSS) is a popular web security issue. If a web application doesn't properly validate input from one user and uses it in the output for other users, attackers can exploit it to send malicious code to other users.
Affected Products
All web application environments are susceptible to cross-site scripting.
Impact
Remote attackers can execute arbitrary code or gain sensitive information.
Recommended Actions
Review the code of web application and check all places where user input could possibly become part of the output for other users.
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2023-12-28 | 26.704 | Sig Added |
| 2023-12-14 | 26.696 | Sig Added |
| 2023-11-13 | 26.676 | Sig Added |
| 2023-11-01 | 26.669 | Sig Added |
| 2022-10-12 | 22.412 | Sig Added |
| 2022-10-10 | 22.410 | Sig Added |
| 2022-10-06 | 22.409 | Sig Added |
| 2022-10-05 | 22.407 | Sig Added |
| 2021-06-03 | 18.091 | Sig Added |
| 2019-06-07 | 14.628 | Severity:low:medium |
| ID | 17702 |
| Created | Oct 22, 2009 |
| Updated | Dec 28, 2023 |
| Risk |
|
| CVE ID | CVE-2010-2370 CVE-2016-3212 CVE-2023-0099 CVE-2016-9500 CVE-2018-17443 CVE-2018-2791 CVE-2018-17441 CVE-2018-8006 CVE-2023-42270 CVE-2018-5550 CVE-2016-1000113 CVE-2011-3010 CVE-2011-4340 CVE-2011-0508 CVE-2010-4828 CVE-2011-2938 CVE-2011-3390 CVE-2007-6316 CVE-2011-2179 CVE-2011-0961 CVE-2011-0959 CVE-2011-1772 CVE-2008-4918 CVE-2008-3726 CVE-2008-3305 CVE-2008-4393 CVE-2008-2165 CVE-2007-1355 CVE-2009-1524 CVE-2010-3266 CVE-2024-25327 |
| Exploit Prediction Score | 34.78% |
| Default Action | pass |
| Active | |
| Affected OS | All |
| Affected App | All |